👊Carrying - Technology Growth
5.1 Resource consumption of Proof of Work
As described in the Bitcoin whitepaper, the main problem facing e-cash systems is double spending. While Proof of Work (PoW) is a powerful tool to democratize the concept of e-cash, it also leads to the development of specialized hardware and significant energy waste. The result is that mining operations are mostly concentrated in areas where electricity costs are low. As of June 2018, around 74% of the hash rate is expected to be operated by entities. In addition, the majority of dedicated hardware (ASIC) is developed in select countries, making the currency vulnerable to local regulators.
5.1.1 Proof of Stake
Currently, no PoW alternative with the same properties has been demonstrated. One candidate is Proof of Stake (PoS). Since 2012, when Peercoin proposed the "coin age" approach, numerous projects have investigated the problem. Another well-known token, NXT, uses the new block data as a seed to determine the next selector [NXT19]. The most famous project developing a PoS system, Ethereum, has been planning a transition to PoS since 2014. In the last few years, new projects have introduced the concept of "Delegated Proof of Stake" (DPoS). In this concept, each node votes to delegate its voting rights to a small subset of nodes.
One of the main differences between PoS and PoW protocols is that the former places more importance on safety than on liveness, resulting in protocols with immediate finality, while the latter guarantees liveness and exponential security. However, PoW does not provide effective liveness: an attacker with sufficient resources can decide to produce empty blocks, effectively rendering the system useless. At the time of writing, the missing revenue is minimal compared to the block rewards and can be easily compensated by an external actor. Nonetheless, for now, regardless of any security aspects, any attack could lead to a devaluation of the currency. In many cases, this is a strong incentive to prevent attacks. The blockchain community fully supports this, and game theory has been a necessary part of consensus protocol analysis since day 1.
5.1.2 Scalability issues
In addition to the inherent resource-wasting characteristics exhibited by PoW systems, blockchain scalability is an active research topic. Even in the Bitcoin community, multiple factions have emerged. For example, Bitcoin sticks to a 1 MB block limit (although Segregated Witness has helped expand the chain's capacity), but Bitcoin Cash has expanded its block size to 32 MB. The argument in favor of small blocks is that only full nodes (nodes that fully validate the blockchain) are secure, while other nodes rely on other parts of the system (e.g. miners). Therefore, a personal computer should be able to run a Bitcoin node.
If each block is 32 MB and one block is produced every 10 minutes (144 blocks per day), the amount of data that can be accepted is 4.6 GB per day, 138 GB per month and 1,659 GB per year.
It is an inherent requirement of a decentralized network that transactions must be confirmed by a majority of nodes in the system before they can be accepted. In addition, the more nodes participate in the network, the higher the level of decentralization of the network, provided that the nodes are not controlled by colluding entities. Thus, a system with more users will put more pressure on each node, leading to higher hardware and bandwidth requirements. On the other hand, when the number of nodes increases, more nodes need to be contacted for each transaction, making it take longer to confirm the transaction.
Instead of tackling this multi-objective optimization problem, we decided to follow the same path as the core Bitcoin technology: build a layer (L2 / "Flash layer") on top of the blockchain layer (L1 / "clearing layer") with slightly weaker rules, so that the security of L1 is maximized while transactions can be accepted by peer nodes without having to be recorded on L1 (and, by extension, sent to all nodes). In doing so, we incorporate incentives for clients to use the scheme by default and for nodes to accept such transactions.
The advantages of the Flash layer solution are:
● Less data on the blockchain.
● "Near instant" confirmation time if protocols are followed.
● Users do not have to wait for confirmation of blocks.
● Cheaper micro-transaction costs for the Flash layer.
With these advantages, we expect that the built-in second layer solution will lead to a secure, low-cost environment for decentralized application development. In addition, one of the most important goals of the Redruby project is to separate political power from economic power with the Flash layer solution.
5.1.3 PoS attacks
For many years, there have been discussions about a few attacks on, and concerns about, PoS. In this section, we will review the basic definitions of these attacks and give the reader an idea of the challenges our protocols will face in the future.
Short-range and long-range attacks
A short-range attack is defined as one that occurs on the client side fewer than N blocks from the latest accepted network block, and a long-range attack as one that occurs on the client side more than N blocks from the latest accepted network block.
N is a parameter of the consensus protocol that can be explicitly chosen or derived from other factors. An example of explicitly specifying N can be found in the notion of weak subjectivity in Ethereum. Due to the low computational cost associated with creating blocks, rival entities with access to past private keys can create a competing chain at very little cost. Since a key is essentially useless after the tokens it controls have been removed, it is economically feasible for a validator to sell its private key after exiting the system.
Stake Grinding Attack
Grinding attacks occur when parts of the consensus algorithm depend on random factors. Since consensus protocols must not rely on data that they cannot verify (which would invite trust or even single points of failure), any randomness must be based on a known and predictable process and on data available to all participants, which is contrary to traditional randomness methods.
Because the data is public, an attacker can try to influence it in a way that is more favorable to him or her. For example, a naive consensus protocol might contain the following steps:
● Select a fixed set of n validators.
● Sort the set in a predictable way (e.g. by its public key).
● Pick one validator per round to assign blocks.
● The selected validator is the one at index hash(previous_block) % n in the sorted set.
With this approach, a validator simply has to find a suitable hash that makes it the validator for the next round. Under the random oracle model with n = 100, the chance that one of 1000 combinations makes the validator the next validator is greater than 99.99%. One approach commonly used to solve this problem requires blind pre-commitment. For example, a validator submits a hash in round R and reveals the preimage of that hash in round R+1. Afterwards, the random values (or their seeds) in these preimages are summed (or XORed, or concatenated and hashed).
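The naive selection rule, the 99.99% figure and the commit-then-reveal scheme described above, as an added example that is not part of the original whitepaper or the project's code. The function names, the 32-byte secret size and the sample secrets are assumptions made for illustration.

```python
import hashlib

def naive_leader(prev_block, n):
    """Naive rule from the list above: hash(previous_block) % n."""
    return int.from_bytes(hashlib.sha256(prev_block).digest(), "big") % n

def p_self_selected(n, candidates):
    """Chance that at least one of `candidates` block variants maps to one given index."""
    return 1 - (1 - 1 / n) ** candidates

def commit(secret):
    """Round R: a validator publishes only the hash of its secret."""
    return hashlib.sha256(secret).digest()

def beacon(commitments, reveals):
    """Round R+1: check every preimage against its commitment, then XOR them."""
    out = bytes(32)
    for vid, expected in sorted(commitments.items()):
        secret = reveals.get(vid)
        # A missing or mismatching reveal is treated as a fault. Skipping it
        # silently would let the last revealer pick between two outcomes.
        if secret is None or len(secret) != 32 or commit(secret) != expected:
            raise ValueError(f"validator {vid}: missing or invalid reveal")
        out = bytes(a ^ b for a, b in zip(out, secret))
    return out

def leader_from_beacon(seed, n):
    """Select the round's validator from the combined seed instead of block data."""
    return int.from_bytes(hashlib.sha256(seed).digest(), "big") % n

# Constructed sample data: three validators with fixed 32-byte secrets.
SECRETS = {i: hashlib.sha256(b"constructed-secret-%d" % i).digest() for i in range(3)}
COMMITMENTS = {i: commit(s) for i, s in SECRETS.items()}

if __name__ == "__main__":
    print(f"n=100, 1000 candidates: {p_self_selected(100, 1000):.6f}")
    seed = beacon(COMMITMENTS, SECRETS)
    print("leader for next round:", leader_from_beacon(seed, len(SECRETS)))
```

Because every secret is fixed by its round-R commitment before any other secret is known, no single validator can steer the combined seed by varying block contents.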
Nothing-at-Stake Attack
Nothing-at-stake attacks occurred in the early designs of PoS protocols.
If two different blocks are presented to a validator and both are valid candidates for the current chain, then it is most economically feasible to "vote" for both, since "voting" on a chain does not consume resources. For this reason, consensus protocols add penalties.
However, these penalties are not effective if they are not combined with a mandatory lock-up period. If a validator can move (sell) its stake at any time, it can move (sell) the stake immediately after voting on the block that contains it. What happens to the moved stake is then irrelevant to the validator, which can afterwards try to spend the previously spent output again from a block in which it still holds the stake.
Since the stake already belongs to another party, it is not possible to penalize such behavior. For this reason, a lock-up period was introduced.
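Why a penalty needs a lock-up period, as an added example that is not part of the original whitepaper or the project's code. The ledger, its method names, the validator name and the stake amount are all constructed for illustration.

```python
class StakeLedger:
    """Toy bonded-stake ledger with an optional lock-up on withdrawals."""

    def __init__(self, lockup_blocks):
        self.lockup = lockup_blocks
        self.stake = {}       # validator -> amount still bonded (and slashable)
        self.release_at = {}  # validator -> height at which a withdrawal pays out
        self.votes = {}       # (validator, height) -> block voted for

    def bond(self, validator, amount):
        self.stake[validator] = amount

    def request_withdrawal(self, validator, now):
        self.release_at[validator] = now + self.lockup

    def _settle(self, now):
        # Stake whose lock-up has elapsed leaves the ledger and cannot be slashed.
        for validator, height in list(self.release_at.items()):
            if now >= height:
                self.stake[validator] = 0
                del self.release_at[validator]

    def vote(self, validator, height, block, now):
        """Record a vote; return the amount slashed if it conflicts with an earlier one."""
        self._settle(now)
        first = self.votes.setdefault((validator, height), block)
        if first == block:
            return 0
        penalty = self.stake.get(validator, 0)
        self.stake[validator] = 0
        return penalty

def double_vote_penalty(lockup_blocks):
    """Vote for block A, withdraw right away, then vote for conflicting block B."""
    ledger = StakeLedger(lockup_blocks)
    ledger.bond("val-1", 1000)
    ledger.vote("val-1", 10, "block-A", now=10)
    ledger.request_withdrawal("val-1", now=10)
    return ledger.vote("val-1", 10, "block-B", now=11)

if __name__ == "__main__":
    print("no lock-up:        slashed", double_vote_penalty(0))
    print("100-block lock-up: slashed", double_vote_penalty(100))
```

With no lock-up the conflicting vote is detected but nothing is left to take; with a lock-up the full bonded amount is still within reach when the second vote arrives.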